Tongda Office Anywhere Security Vulnerabilities and Issues — Tongda Office Anywhere CVE List

Lucene search

Tongda2000Tongda Office Anywhere

37 matches found

CVE•added 2022/02/14 9:15 p.m.•109 views

CVE-2022-24206

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in /mobile_seal/get_seal.php via the DEVICE_LIST parameter.

9.8CVSS9.7AI score0.0025EPSS

CVE•added 2022/02/14 9:15 p.m.•101 views

CVE-2022-23902

Tongda2000 v11.10 was discovered to contain a SQL injection vulnerability in export_data.php via the d_name parameter.

9.8CVSS9.7AI score0.0025EPSS

CVE•added 2023/11/24 4:15 p.m.•61 views

CVE-2023-6276

A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/ct/delete.php. The manipulation of the argument PROJ_ID_STR leads to sql injection. It is possible to initiate the attack remotely. The exploit has been discl...

7.5CVSS7.2AI score0.00046EPSS

CVE•added 2023/08/05 4:15 p.m.•59 views

CVE-2023-4166

A vulnerability has been found in Tongda OA and classified as critical. This vulnerability affects unknown code of the file general/system/seal_manage/dianju/delete_log.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be u...

9.8CVSS7AI score0.84944EPSS

CVE•added 2023/09/29 8:15 p.m.•56 views

CVE-2023-5285

A vulnerability classified as critical was found in Tongda OA 2017. Affected by this vulnerability is an unknown functionality of the file general/hr/recruit/recruitment/delete.php. The manipulation of the argument RECRUITMENT_ID leads to sql injection. The attack can be launched remotely. The expl...

7.5CVSS7.2AI score0.00035EPSS

CVE•added 2023/08/05 2:15 p.m.•55 views

CVE-2023-4165

A vulnerability, which was classified as critical, was found in Tongda OA. This affects an unknown part of the file general/system/seal_manage/iweboffice/delete_seal.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used...

9.8CVSS6.8AI score0.88667EPSS

CVE•added 2023/09/30 6:15 a.m.•50 views

CVE-2023-5298

A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTS_ID leads to sql injection. The exploit has been disclosed to the pub...

7.5CVSS6.5AI score0.00046EPSS

CVE•added 2023/10/26 1:15 p.m.•49 views

CVE-2023-5780

A vulnerability classified as critical was found in Tongda OA 2017 11.10. This vulnerability affects unknown code of the file general/system/approve_center/flow_guide/flow_type/set_print/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The attack can be initiated remo...

9.8CVSS8.8AI score0.00053EPSS

CVE•added 2023/09/29 3:15 p.m.•48 views

CVE-2023-5267

A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/hr_pool/delete.php. The manipulation of the argument EXPERT_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Up...

9.8CVSS7.8AI score0.00032EPSS

CVE•added 2023/10/26 2:15 p.m.•47 views

CVE-2023-5782

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /manage/delete_query.php of the component General News. The manipulation of the argument NEWS_ID leads to sql injection. The exploit has been disclosed to the publ...

9.8CVSS7.8AI score0.00053EPSS

CVE•added 2023/10/20 9:15 p.m.•46 views

CVE-2023-5682

A vulnerability has been found in Tongda OA 2017 and classified as critical. This vulnerability affects unknown code of the file general/hr/training/record/delete.php. The manipulation of the argument RECORD_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Up...

9.8CVSS6.8AI score0.00134EPSS

CVE•added 2024/10/31 10:15 p.m.•46 views

CVE-2024-10598

A vulnerability classified as critical was found in Tongda OA 11.2/11.3/11.4/11.5/11.6. This vulnerability affects unknown code of the file general/hr/setting/attendance/leave/data.php of the component Annual Leave Handler. The manipulation leads to improper authorization. The attack can be initiat...

6.9CVSS5.7AI score0.0008EPSS

CVE•added 2023/09/29 12:15 p.m.•44 views

CVE-2023-5261

A vulnerability, which was classified as critical, was found in Tongda OA 2017. Affected is an unknown function of the file general/hr/manage/staff_title_evaluation/delete.php. The manipulation of the argument EVALUATION_ID leads to sql injection. The exploit has been disclosed to the public and ma...

9.8CVSS6.9AI score0.00059EPSS

CVE•added 2023/10/26 1:15 p.m.•44 views

CVE-2023-5781

A vulnerability, which was classified as critical, has been found in Tongda OA 2017 11.10. This issue affects the function DELETE_STR of the file general/system/res_manage/monitor/delete_webmail.php. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been...

9.8CVSS8.2AI score0.00062EPSS

CVE•added 2024/11/03 9:15 a.m.•44 views

CVE-2024-10730

A vulnerability, which was classified as critical, has been found in Tongda OA up to 11.6. This issue affects some unknown processing of the file /pda/appcenter/web_show.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been discl...

9.8CVSS7.1AI score0.00124EPSS

CVE•added 2023/09/29 3:15 p.m.•42 views

CVE-2023-5265

A vulnerability, which was classified as critical, has been found in Tongda OA 2017. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_transfer/delete.php. The manipulation of the argument TRANSFER_ID leads to sql injection. The exploit has been disclosed to t...

9.8CVSS7.8AI score0.00043EPSS

CVE•added 2024/11/03 10:15 a.m.•42 views

CVE-2024-10731

A vulnerability, which was classified as critical, was found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/appcenter/check_seal.php. The manipulation of the argument ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed ...

9.8CVSS7.1AI score0.00124EPSS

CVE•added 2023/11/09 7:15 p.m.•41 views

CVE-2023-6054

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.9. This affects an unknown part of the file general/wiki/cp/manage/lock.php. The manipulation of the argument TERM_ID_STR leads to sql injection. The exploit has been disclosed to the public and may be used. Upg...

9.8CVSS7.8AI score0.001EPSS

CVE•added 2023/10/26 2:15 p.m.•40 views

CVE-2023-5783

A vulnerability has been found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/system/approve_center/flow_sort/flow/delete.php. The manipulation of the argument id/sort_parent leads to sql injection. The attack ...

7.5CVSS7.1AI score0.00046EPSS

CVE•added 2023/11/09 7:15 p.m.•40 views

CVE-2023-6053

A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.9. Affected by this issue is some unknown functionality of the file general/system/censor_words/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been di...

9.8CVSS8.1AI score0.0004EPSS

CVE•added 2024/11/01 4:15 a.m.•39 views

CVE-2024-10617

A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public...

9.8CVSS7.1AI score0.00092EPSS

CVE•added 2024/11/01 4:15 a.m.•38 views

CVE-2024-10616

A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to ...

9.8CVSS7.1AI score0.00098EPSS

CVE•added 2023/11/12 11:15 a.m.•37 views

CVE-2023-6084

A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/vehicle/checkup/delete.php. The manipulation of the argument VU_ID leads to sql injection. The exploit has been disclosed to the public and may...

9.8CVSS8.1AI score0.00057EPSS

CVE•added 2024/11/01 3:15 p.m.•37 views

CVE-2024-10657

A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed...

9.8CVSS7.1AI score0.001EPSS

CVE•added 2023/09/17 10:15 p.m.•36 views

CVE-2023-5030

A vulnerability has been found in Tongda OA up to 11.10 and classified as critical. This vulnerability affects unknown code of the file general/hr/recruit/plan/delete.php. The manipulation of the argument PLAN_ID leads to sql injection. The exploit has been disclosed to the public and may be used. ...

8.8CVSS7.5AI score0.00032EPSS

CVE•added 2023/12/16 11:15 p.m.•35 views

CVE-2023-6885

A vulnerability was found in Tongda OA 2017 up to 11.10. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file general/vote/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the...

9.8CVSS7.8AI score0.00057EPSS

CVE•added 2024/11/01 3:15 p.m.•35 views

CVE-2024-10658

A vulnerability classified as critical was found in Tongda OA up to 11.10. Affected by this vulnerability is an unknown functionality of the file /pda/approve_center/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been...

9.8CVSS7.1AI score0.001EPSS

CVE•added 2024/05/15 4:15 p.m.•35 views

CVE-2024-4903

A vulnerability was found in Tongda OA 2017. It has been declared as critical. This vulnerability affects unknown code of the file /general/meeting/manage/delete.php. The manipulation of the argument M_ID_STR leads to sql injection. The attack can be initiated remotely. The exploit has been disclos...

6.5CVSS7.3AI score0.00019EPSS

CVE•added 2023/11/09 1:15 p.m.•34 views

CVE-2023-6052

A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.9. Affected is an unknown function of the file general/system/censor_words/module/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be ...

9.8CVSS7.3AI score0.00099EPSS

CVE•added 2023/12/08 3:15 p.m.•34 views

CVE-2023-6608

A vulnerability was found in Tongda OA 2017 up to 11.9 and classified as critical. Affected by this issue is some unknown functionality of the file general/notify/manage/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and ...

7.5CVSS6.6AI score0.0005EPSS

CVE•added 2023/09/17 10:15 a.m.•33 views

CVE-2023-5026

A vulnerability classified as problematic has been found in Tongda OA 11.10. Affected is an unknown function of the file /general/ipanel/menu_code.php?MENU_TYPE=FAV. The manipulation of the argument OA_SUB_WINDOW leads to cross site scripting. It is possible to launch the attack remotely. The explo...

6.1CVSS4.8AI score0.00069EPSS

CVE•added 2023/05/16 3:15 p.m.•32 views

CVE-2023-2738

A vulnerability classified as critical has been found in Tongda OA 11.10. This affects the function actionGetdata of the file GatewayController.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...

9.8CVSS8AI score0.00084EPSS

CVE•added 2023/09/17 7:15 a.m.•30 views

CVE-2023-5023

A vulnerability was found in Tongda OA 2017 and classified as critical. Affected by this issue is some unknown functionality of the file general/hr/manage/staff_relatives/delete.php. The manipulation of the argument RELATIVES_ID leads to sql injection. The exploit has been disclosed to the public a...

8.8CVSS7.2AI score0.00035EPSS

CVE•added 2023/12/08 2:15 p.m.•29 views

CVE-2023-6607

A vulnerability has been found in Tongda OA 2017 up to 11.10 and classified as critical. Affected by this vulnerability is an unknown functionality of the file general/wiki/cp/manage/delete.php. The manipulation of the argument TERM_ID_STR leads to sql injection. The exploit has been disclosed to t...

7.5CVSS6.7AI score0.00048EPSS

CVE•added 2024/02/06 5:15 p.m.•29 views

CVE-2024-1252

A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/ask_duty/delete.php. The manipulation of the argument ASK_DUTY_ID leads to sql injection. The exploit has been disclosed t...

9.8CVSS9.6AI score0.00103EPSS

CVE•added 2023/09/17 4:15 a.m.•26 views

CVE-2023-5019

A vulnerability classified as critical was found in Tongda OA. This vulnerability affects unknown code of the file general/hr/manage/staff_reinstatement/delete.php. The manipulation of the argument REINSTATEMENT_ID leads to sql injection. The attack can be initiated remotely. The exploit has been d...

9.8CVSS8.4AI score0.00026EPSS

CVE•added 2023/12/08 3:15 p.m.•24 views

CVE-2023-6611

A vulnerability was found in Tongda OA 2017 up to 11.9. It has been declared as critical. This vulnerability affects unknown code of the file pda/pad/email/delete.php. The manipulation of the argument EMAIL_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upg...

7.5CVSS6.8AI score0.0005EPSS